33 matches found
CVE-2026-57638
Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...
CVE-2026-57638
CVE-2026-57638 concerns a Cross Site Scripting (XSS) vulnerability in the WordPress plugin Fluent Booking affecting versions
EUVD-2026-39754
Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...
CVE-2026-57638 WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...
WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Tarcísio LuchesiPoystick in WordPress Plugin Fluent Booking versions = 2.1.0...
WordPress Fluent Booking plugin <= 2.0.01 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters vulnerability
Unauthenticated Stored Cross-Site Scripting via Multiple Parameters vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin Fluent Booking versions = 2.0.01...
CVE-2026-2231
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
EUVD-2026-16172
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2026-2231
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2026-2231 Fluent Booking <= 2.0.01 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2026-2231
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2026-2231 Fluent Booking <= 2.0.01 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters
The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2026-2231
The CVE-2026-2231 entry concerns the Fluent Booking plugin for WordPress. Affected component: the plugin’s stored XSS via multiple parameters in all versions up to 2.0.01, caused by insufficient input sanitization and output escaping. Impact: unauthenticated attackers can inject arbitrary web scr...
WordPress plugin Fluent Booking 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-28322
Name of the Vulnerable Software and Affected Versions Fluent Booking versions up to and including 2.0.01 Description The Fluent Booking plugin for WordPress is susceptible to Stored Cross-Site Scripting through multiple parameters. Insufficient input sanitization and output escaping allow...
WordPress Fluent Booking - The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution plugin <= 1.9.11 - Authenticated (Subscriber+) Missing Authorization to Calendar Import and Management vulnerability
WordPress Fluent Booking - The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution plugin = 1.9.11 - Authenticated Subscriber+ Missing Authorization to Calendar Import and Management vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPre...
CVE-2025-67597
Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking fluent-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Booking: from n/a through = 1.9.11...
CVE-2025-67597
Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking fluent-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Booking: from n/a through = 1.9.11...
EUVD-2025-202056
Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking fluent-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Booking: from n/a through = 1.9.11...
CVE-2025-67597
CVE-2025-67597 concerns the WordPress Fluent Booking plugin (fluent-booking) with versions up to 1.9.11. The issue is a Missing Authorization vulnerability caused by insufficient access-control checks, enabling unauthorized access to Fluent Booking features. The CVSS v3.1 base score is 4.3 (Mediu...